
r6663 - in glibc-package/branches/glibc-branch-wheezy/debian: . patches patches/any



Author: aurel32
Date: 2015-10-19 15:59:38 +0000 (Mon, 19 Oct 2015)
New Revision: 6663

Added:
   glibc-package/branches/glibc-branch-wheezy/debian/patches/any/cvs-fnmatch-overflow.diff
Modified:
   glibc-package/branches/glibc-branch-wheezy/debian/changelog
   glibc-package/branches/glibc-branch-wheezy/debian/patches/series
Log:
patches/any/cvs-fnmatch-overflow.diff: new patch from upstream to fix
a buffer overflow (read past end of buffer) in internal_fnmatch.

Modified: glibc-package/branches/glibc-branch-wheezy/debian/changelog
===================================================================
--- glibc-package/branches/glibc-branch-wheezy/debian/changelog	2015-10-19 11:26:14 UTC (rev 6662)
+++ glibc-package/branches/glibc-branch-wheezy/debian/changelog	2015-10-19 15:59:38 UTC (rev 6663)
@@ -2,6 +2,8 @@
 
   * patches/any/cvs-CVE-2015-1781.diff: new patch from upstream to fix
     a buffer overflow in getanswer_r (CVE-2015-1781). Closes: #796105.
+  * patches/any/cvs-fnmatch-overflow.diff: new patch from upstream to fix
+    a buffer overflow (read past end of buffer) in internal_fnmatch.
   * patches/any/cvs-CVE-2014-8121.diff: new patch from upstream to fix
     an unexpected closing of nss_files databases after lookups, causing
     denial of service (CVE-2014-8121).  Closes: #779587.
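Review bot: The new entry for cvs-fnmatch-overflow.diff carries no bug reference, while the CVE-2015-1781 and CVE-2014-8121 entries on either side each name a CVE and a Closes: number. The patch header added in this same revision cites [BZ #18032]; putting that in the changelog entry would let anyone auditing the package trace the fix back to the upstream report.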

Added: glibc-package/branches/glibc-branch-wheezy/debian/patches/any/cvs-fnmatch-overflow.diff
===================================================================
--- glibc-package/branches/glibc-branch-wheezy/debian/patches/any/cvs-fnmatch-overflow.diff	                        (rev 0)
+++ glibc-package/branches/glibc-branch-wheezy/debian/patches/any/cvs-fnmatch-overflow.diff	2015-10-19 15:59:38 UTC (rev 6663)
@@ -0,0 +1,27 @@
+2015-02-26  Andreas Schwab  <schwab@suse.de>
+
+	[BZ #18032]
+	* posix/fnmatch_loop.c (FCT): Remove extra increment when skipping
+	over collating symbol inside a bracket expression.  Minor cleanup.
+
+diff --git a/posix/fnmatch_loop.c b/posix/fnmatch_loop.c
+index f79d051..f11d0f1 100644
+--- a/posix/fnmatch_loop.c
++++ b/posix/fnmatch_loop.c
+@@ -951,14 +951,13 @@ FCT (pattern, string, string_end, no_leading_period, flags, ends, alloca_used)
+ 		  }
+ 		else if (c == L('[') && *p == L('.'))
+ 		  {
+-		    ++p;
+ 		    while (1)
+ 		      {
+ 			c = *++p;
+-			if (c == '\0')
++			if (c == L('\0'))
+ 			  return FNM_NOMATCH;
+ 
+-			if (*p == L('.') && p[1] == L(']'))
++			if (c == L('.') && p[1] == L(']'))
+ 			  break;
+ 		      }
+ 		    p += 2;
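Review bot: No regression test accompanies the change to the `[.` skip loop in FCT, so nothing guards against the extra `++p` coming back in a later refresh of this patch. With that increment removed, the first `c = *++p` examines the character directly after `[.` and the `L('\0')` check returns FNM_NOMATCH at the terminator; a test whose pattern has a bracket expression ending right after `[.`, run under a memory checker, would pin that behaviour down. Separately, the embedded header gives the date, author and BZ number but no upstream commit id, which would make it easier to confirm that the backport matches what upstream applied.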

Modified: glibc-package/branches/glibc-branch-wheezy/debian/patches/series
===================================================================
--- glibc-package/branches/glibc-branch-wheezy/debian/patches/series	2015-10-19 11:26:14 UTC (rev 6662)
+++ glibc-package/branches/glibc-branch-wheezy/debian/patches/series	2015-10-19 15:59:38 UTC (rev 6663)
@@ -405,3 +405,4 @@
 any/cvs-getaddrinfo-idn.diff
 any/cvs-CVE-2015-1781.diff
 any/cvs-CVE-2014-8121.diff
+any/cvs-fnmatch-overflow.diff
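Review bot: Ordering differs between the two files: series appends any/cvs-fnmatch-overflow.diff after any/cvs-CVE-2014-8121.diff, while the changelog hunk lists it between the CVE-2015-1781 and CVE-2014-8121 entries. Keeping the changelog in the same order as series makes it easier to match each entry to the patch that is actually applied.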

